Date Author Title
2022-04-04Johannes UllrichEmptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet?
2022-02-02Johannes UllrichFinding elFinder: Who is looking for your files?
2021-11-30Johannes UllrichHunting for PHPUnit Installed via Composer
2019-07-18Xavier MertensMalicious PHP Script Back on Stage?
2018-06-13Xavier MertensA Bunch of Compromized Wordpress Sites
2018-01-09Jim ClausingAre you watching for brute force attacks on IPv6?
2017-05-05Xavier MertensHTTP Headers... the Achilles' heel of many applications
2017-02-04Xavier MertensDetecting Undisclosed Vulnerabilities with Security Tools & Features
2015-03-13Guy BruneauBlind SQL Injection against WordPress SEO by Yoast
2014-11-20Johannes UllrichCritical WordPress XSS Update
2014-07-22Daniel Wesemann WordPress brute force attack via wp.getUsersBlogs
2014-06-19Tony CarothersWordPress and Security
2014-03-12Johannes UllrichWordpress "Pingback" DDoS Attacks
2012-05-22Johannes Ullrichnmap 6 released
2012-04-21Guy BruneauWordPress Release Security Update
2012-01-05Russ McReeWordPress 3.3.1 fixes 15 issues with WordPress 3.3 including XSS. Download 3.3.1 or visit Dashboard --> Updates in your site admin panel.
2011-06-30Guy BruneauWordPress 3.1.4 Security Update -
2011-06-22Guy BruneauWordPress Forces Password Reset
2011-04-18John Security Breach
2011-02-08Mark HofmanWordPress 3.0.5 (and 3.1 RC4) are out
2010-12-30Johannes UllrichCritcal Wordpress Security Update
2010-12-02Kevin JohnsonSQL Injection: Wordpress 3.0.2 released
2010-05-19Kyle HaugsnessWordpress blog attacks... again
2010-05-10Toby KohlenbergAnother round of WordPress Attacks
2010-02-05Jim ClausingWordPress iframe injection?
2009-11-30Bojan ZdrnjaDistributed Wordpress admin account cracking
2009-10-21Pedro BuenoWordPress Hardening
2009-08-11Swa FrantzenWordpress unauthenticated administrator password reset
2008-09-09Swa Frantzenwordpress upgrade
2008-04-23Mari NicholsWhat's New, Old and Morphing?